<?php
/**
 * Created by PhpStorm.
 * User: dehong
 * Date: 2016/10/8
 * Time: 21:12
 */
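session_start();
// Constant used when calling the files under includes/ (presumably they check it to
// refuse direct access; confirm in the include files).
define('IN_TG', true);
// Identifies the content of this page.
define('SCRIPT', 'member_friend');
// Load the shared bootstrap through an absolute path, which resolves faster.
require dirname(__FILE__).'/includes/common.inc.php';
// Login check.
// The cookie must be a plain string: PHP turns a cookie named "username[]" into an
// array, and every query below embeds this value in SQL text.
// NOTE(review): the only proof of identity on this page is a client-supplied cookie;
// the session started above is never consulted here. Binding the username to
// server-side session state would remove the reliance on a value the client controls.
// NOTE(review): _alert_close() is defined outside this file; the code below assumes it
// ends the request. Confirm.
if (!isset($_COOKIE['username']) || !is_string($_COOKIE['username'])) {
    _alert_close('请先登录!');
}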
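// Approve a pending friend request: ?action=check&id=N
// NOTE(review): this is a state change triggered by a plain GET link with no anti-CSRF
// token; moving it to POST with a per-session token would be the complete fix.
if (isset($_GET['action'], $_GET['id']) && $_GET['action'] === 'check') {
    $_clean = array();
    // tg_id is used as a bare number in the delete query's IN(...) list, so it is treated
    // as an integer key here instead of pasting the raw query-string value into SQL.
    $_clean['id'] = is_scalar($_GET['id']) ? (int) $_GET['id'] : 0;
    // The username comes from a cookie, i.e. from the client. quote() escapes it and adds
    // the surrounding quotes. Assumes $GLOBALS['dbh'] is a PDO handle, which the existing
    // ->exec() call and the "= null" close idiom suggest; confirm in common.inc.php.
    $_clean['username'] = $GLOBALS['dbh']->quote((string) $_COOKIE['username']);
    // Sensitive operation: look up the account's unique identifier first.
    if (!!$_rows2 = _query("SELECT tg_uniqid FROM tg_user WHERE tg_username={$_clean['username']} LIMIT 1")) {
        // Compare the stored identifier with the cookie copy, exactly as the delete action
        // does, so a forged username cookie alone is not enough.
        _uniqid($_rows2['tg_uniqid'], $_COOKIE['uniqid']);
        // Flip tg_state to mark the request as approved. The tg_touser condition limits
        // the update to requests addressed to the current user; without it any logged-in
        // user could approve any row by changing the id.
        $_sql = "UPDATE tg_friend SET tg_state=1 WHERE tg_id={$_clean['id']} AND tg_touser={$_clean['username']}";
        $result = $GLOBALS['dbh']->exec($_sql);
        // exec() returns false on failure and 0 when no row matched; only the former is a
        // SQL error. ("exec() or die()" would also die on 0 affected rows.)
        if ($result === false) {
            die('SQL执行错误！');
        }
        $GLOBALS['dbh'] = null;
        if ($result == 1) {
            _location('好友验证成功！', 'member_friend.php');
        } else {
            _alert_back('好友验证失败！');
        }
    } else {
        _alert_back('非法登录');
    }
}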
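// Bulk-delete friends: the form posts ids[] to ?action=delete
// NOTE(review): the form carries no anti-CSRF token; add one when a token helper exists.
if (isset($_GET['action'], $_POST['ids']) && $_GET['action'] === 'delete') {
    $_clean = array();
    // The id list goes into IN(...) without quotes, so string escaping cannot protect it.
    // Keep only positive integers; everything else is dropped.
    $_clean['ids'] = array();
    foreach ((array) $_POST['ids'] as $_id) {
        if (is_scalar($_id) && (int) $_id > 0) {
            $_clean['ids'][] = (int) $_id;
        }
    }
    $_clean['ids'] = implode(',', array_unique($_clean['ids']));
    if ($_clean['ids'] === '') {
        // Nothing valid was selected; an empty IN() would be a SQL syntax error.
        _alert_back('好友删除失败！');
    } else {
        // The username is a client-supplied cookie value. quote() escapes it and adds the
        // surrounding quotes. Assumes $GLOBALS['dbh'] is a PDO handle, which the existing
        // ->exec() call suggests; confirm in common.inc.php.
        $_clean['username'] = $GLOBALS['dbh']->quote((string) $_COOKIE['username']);
        // Sensitive operation: look up the account's unique identifier first.
        if (!!$_rows2 = _query("SELECT tg_uniqid FROM tg_user WHERE tg_username={$_clean['username']} LIMIT 1")) {
            // Guard against a forged cookie by comparing the stored identifier with the
            // uniqid cookie.
            _uniqid($_rows2['tg_uniqid'], $_COOKIE['uniqid']);
            // Restrict the delete to rows the current user is a party to; the id list
            // alone would let a user remove other people's friend records.
            $_sql = "DELETE FROM tg_friend WHERE tg_id IN({$_clean['ids']}) AND (tg_touser={$_clean['username']} OR tg_fromuser={$_clean['username']})";
            $result = $GLOBALS['dbh']->exec($_sql);
            // exec() returns false on failure and 0 when nothing matched; only the former
            // is a SQL error.
            if ($result === false) {
                die('SQL执行错误！');
            }
            $GLOBALS['dbh'] = null;
            if ($result) {
                _location('好友删除成功！', 'member_friend.php');
            } else {
                _alert_back('好友删除失败！');
            }
        } else {
            _alert_back('非法登录！');
        }
    }
}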
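// Paging module
global $_pagesize,$_pagenum;
// The username is a client-supplied cookie value, so it is escaped before it is embedded
// in the SQL text handed to the project helpers. quote() returns the value already
// wrapped in quotes. Assumes $GLOBALS['dbh'] is a PDO handle, as its ->exec() use
// elsewhere in this file suggests; confirm in common.inc.php.
$_clean = array();
$_clean['username'] = $GLOBALS['dbh']->quote((string) $_COOKIE['username']);
// First argument: query that yields the total row count; second: rows per page.
_page("SELECT tg_id FROM tg_friend WHERE tg_touser={$_clean['username']} OR tg_fromuser={$_clean['username']}",15);
// $_pagenum / $_pagesize are set by _page() (not visible here); force them to integers
// so the LIMIT clause can only ever contain numbers.
$_clean['pagenum'] = (int) $_pagenum;
$_clean['pagesize'] = (int) $_pagesize;
// Fetch this page of friend records, newest first.
$_sql = "SELECT
                tg_id,tg_state,tg_touser,tg_fromuser,tg_content,tg_date
           FROM
                tg_friend
          WHERE
                tg_touser={$_clean['username']}
             OR
                tg_fromuser={$_clean['username']}
       ORDER BY
                tg_date DESC LIMIT {$_clean['pagenum']},{$_clean['pagesize']}";
$result = _fetch_array_list($_sql);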
?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
    <?php require ROOT_PATH.'includes/title.inc.php'; ?>
    <script type="text/javascript" src="js/member_message.js"></script>
</head>
<body>
<?php require ROOT_PATH."includes/header.inc.php"; ?>

<div id="member">
    <?php require ROOT_PATH."includes/member.inc.php";?>
    <div id="member_main">
        <h2>好友设置中心</h2>
        <form method="post" action="?action=delete">
        <table cellspacing="1">
            <tr><th>好友</th><th>请求内容</th><th>时间</th><th>状态</th><th>操作</th></tr>
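            <?php
                $_html = array();
                foreach($result as $_rows){
                    // Start from an empty array for every row. Reusing the previous row's
                    // array would pass its already-built 'friend' and 'state_html' values
                    // through _html() again and could leak them into the next row.
                    $_html = array();
                    $_html['id'] = $_rows['tg_id'];
                    $_html['touser'] = $_rows['tg_touser'];
                    $_html['fromuser'] = $_rows['tg_fromuser'];
                    $_html['content'] = $_rows['tg_content'];
                    $_html['state'] = $_rows['tg_state'];
                    $_html['date'] = $_rows['tg_date'];
                    // _html() is the project's output filter (defined outside this file;
                    // presumably HTML-escapes each value; confirm it also escapes quotes,
                    // since 'content' is printed inside a title="" attribute below).
                    $_html = _html($_html);
                    // Defaults so the cells below are always defined, even if neither
                    // branch matches.
                    $_html['friend'] = '';
                    $_html['state_html'] = '';
                    // Decide the direction on the raw database values: the filtered copy
                    // can differ from the cookie when the name contains HTML-special
                    // characters, and strict comparison avoids numeric-string coercion.
                    if($_rows['tg_touser'] === $_COOKIE['username']){
                        // Request addressed to the current user: they may approve it.
                        $_html['friend'] = $_html['fromuser'];
                        if(empty($_html['state'])){
                            $_html['state_html'] = '<a href="?action=check&id='.$_html['id'].'" style="color: red">你未验证</a>';
                        }else{
                            $_html['state_html'] = '<span style="color: green;">通过</span>';
                        }
                    }elseif($_rows['tg_fromuser'] === $_COOKIE['username']){
                        // Request sent by the current user: waiting on the other side.
                        $_html['friend'] = $_html['touser'];
                        if(empty($_html['state'])){
                            $_html['state_html'] = '<span style="color: blue;">对方未验证</span>';
                        }else{
                            $_html['state_html'] = '<span style="color: green;">通过</span>';
                        }
                    }
            ?>
            <tr>
                <td><?php echo $_html['friend']?></td>
                <td title="<?php echo $_html['content']?>"><?php echo _title($_html['content'],14)?></td>
                <td><?php echo date('Y-m-d H:i:s',$_html['date'])?></td>
                <td><?php echo $_html['state_html']?></td>
                <td><input name="ids[]" value="<?php echo $_html['id']?>" type="checkbox" /></td>
            </tr>
            <?php }
            ?>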
            <tr><td colspan="5"><label for="all">全选 <input type="checkbox" name="chkall" id="all" /></label><input type="submit" value="批删除" /></td></tr>
        </table>
        </form>
        <?php
        // Render the pager. Argument: 1 = numeric pager, 2 = text pager.
        _paging(2);
        ?>
    </div>
</div>
    <?php require ROOT_PATH."includes/footer.inc.php"; ?>
</body>
</html>